Totalcloud does not store any information except for the cost billing reports. The billing reports will also be deleted as soon as the account is deleted. In case your subscription is over, we retain temporarily for 15 days. All the metadata information is fetched & processed in real-time without storing. All sensitive information is transmitted over encrypted channels(TLS/SSL) and HTTPS . Our servers are hosted in AWS' Virtual Private Cloud with strong access controls for network and application level security.
All user data are permanently deleted when you delete your TotalCloud account.
We support only Cross-Account Access method, the industry standard & most secure methodology to provide access to 3rd party vendors, to connect to your AWS account.
IAM Permission policy
All credentials and passwords are uniquely salted and strongly hashed, and they cannot be retrieved by anyone, including TotalCloud staff.
Wherever required credentials (like secret keys) are one way functions and can only be overridden by the user and not retrieved.